Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Securing Remote Computers Accessing Office Computers Via Remote Web Workplace

Posted on 2012-03-12
3
Medium Priority
?
958 Views
Last Modified: 2012-03-13
I have a client with a Windows SBS 2008 server that is providing access to the office computers, for those who have a computer in the office, and to the Windows 2008 Terminal Server, for those who do not have a computer in the office.

Some people have company laptops that they take home, some people work on compnay desktops at remote offices and some people work from home using their personal computers.

I am worried about the people working from home using their personal computers. My concern is that they can have or they could get a key logger malware app on their home computers that reports back the Remote Web Workplace URL, their usernames and their passwords. The Remote Web Workplace URL and the user’s login info would give the malware writer/operator access to the company’s data, not unlike how bank accounts and online gaming accounts often get cracked.

I am looking for a solution to secure access to the office network via Remote Web Workplace in such a way that I do not have to install any software on the home user’s personal computers.
0
Comment
Question by:wmtrader
3 Comments
 
LVL 26

Accepted Solution

by:
Tony J earned 1500 total points
ID: 37708950
The simplest solution here I think would be two-factor authentication.

This gives your users a token of some kind and is based around something that they know (their password and maybe a PIN they append to their token code) and something they have - i.e. a physical token of some kind.

There are physical solutions, such as the SafeWord products (I've had a preference for these over the years, as they tend to be cheaper than say RSA, don't die like some [some have a 'death date' after whichthey stop functioning] and can be more easily integrated into the infrastructure for just some users).

Other alternatives include SMS based options whereby a one time use code is sent to a users registered mobile phone.

Either kind of mechanism will negate keyloggers' because the end point log won't include anything useful about the 2nd one-time-use factor.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 37711964
I agree that two-factor authentication would mitigate your concern. However, many two-factor mechanisms don't work well with RWW because of how that feature is designed, I recommend RWWGuard from Scorpionsoft.  Written by a Microsoft Security MVP, designed for RWW/RWA, and a large SBS support base, it has a lot of traction in the marketplace.

-Cliff
0
 

Author Closing Comment

by:wmtrader
ID: 37714144
I went with the two-factor authentication and I found 2 solutions that work with Win SBS 2011 RWW that I'll be testing, SafeWord from SafeNet Inc and AuthAnvil from Scorpion Software.
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question